Loading...
Loading content...
Loading content...
No cognitive tests required for authentication at all - provide fully accessible alternatives.
Why it matters: Enhanced protection ensures maximum accessibility for authentication.
A cognitive function test (such as remembering a password or solving a puzzle) is not required for any step in an authentication process.
What This Means: This success criterion requires that authentication processes do not require any cognitive function tests (like CAPTCHAs, password memorization, or puzzle-solving). This is a stricter version of Level AA 3.3.8, which allows cognitive function tests if alternatives are provided. At Level AAA, cognitive function tests must be eliminated entirely.
Why It's Important: Cognitive function tests can create insurmountable barriers for users with cognitive disabilities, memory impairments, or other conditions that affect cognitive function. By eliminating these tests entirely, authentication becomes fully accessible to all users. This ensures that no user is excluded from accessing services due to their cognitive abilities.
Eliminate all cognitive function tests from authentication processes. Use fully accessible alternatives like biometric authentication, hardware tokens, email/SMS verification, or other methods that don't require cognitive function. Provide multiple accessible authentication options. Ensure that authentication is possible for users with any type of disability, including cognitive disabilities.
This criterion ensures that users with cognitive disabilities can access and understand the content, improving their overall experience and ability to use the website effectively.
This criterion ensures that users with memory impairments can access and understand the content, improving their overall experience and ability to use the website effectively.
This criterion ensures that all users can access and understand the content, improving their overall experience and ability to use the website effectively.
Impact: When this criterion is properly implemented, it removes barriers for these user groups and creates a more inclusive web experience for everyone.
Users must solve a CAPTCHA to authenticate, excluding users with cognitive disabilities.
<form>
<input type="text" name="username">
<input type="password" name="password">
<div class="captcha">Solve this puzzle to continue</div>
<button type="submit">Login</button>
</form>Authentication uses accessible methods like biometrics or email verification.
<form>
<input type="email" name="email">
<button type="submit">Send Login Link</button>
</form>
<p>We'll send you a secure link to log in.</p>This success criterion benefits the following user groups:
Tip: Use this checklist during development and testing to ensure all requirements for 3.3.9 Accessible Authentication (Enhanced) are met. Check off items as you complete them.
Note: These are official W3C resources for 3.3.9. For the most up-to-date information and detailed technical guidance, always refer to the official W3C documentation.
Implementing 3.3.9 Accessible Authentication (Enhanced) correctly requires understanding your specific context. Code solutions vary significantly based on multiple factors:
HTML, React, Vue, Angular, PHP, Python, and other frameworks each have different patterns and best practices.
Server-side rendering, client-side rendering, static generation, and hybrid approaches require different solutions.
Your existing components, styling approach, and UI library influence how accessibility must be implemented.
Your specific user base, content type, and interaction patterns determine the most appropriate implementation.
We provide tailored implementation guidance by analyzing your specific technology stack, coding patterns, design system, and project requirements. Our team reviews your codebase and provides custom solutions that integrate seamlessly with your existing architecture.
Get Custom Implementation HelpPart of
Understandable PrincipleGuideline
3.3 Input Assistance